I like NES hardware trivia because it shows that new users know how to read and search our wiki.

But there's a difference between NES hardware trivia and trivia related to specific nonfree NES games that not everybody with an NES owns. True, Super Mario Bros. came bundled with most NES consoles, either by itself or in a multicart that also included Duck Hunt or Tetris. But the Challenge Set had Super Mario Bros. 3, all toploaders (Famicom and NES-101) lacked a pack-in, and not all used consoles include some form of SMB. In addition, we have SNESdev, where not everybody has All-Stars, and GBDev, where not everybody has SMB Deluxe or even specifically a Game Boy Color for that matter.

"Bullying" someone to explore another resource available from the same domain (namely our wiki) is more tolerable than "bullying" someone to buy a particular publisher's nonfree game (namely SMB).

mic_ wrote:

It doesn't help that the answers seem to be case sensitive, or that it isn't apparent how one should formulate the answer even if one knows the answer (is our princess "in another castle", or in "another castle"?).

Or even "World 8" or "World 8-4", formulations that might be resistant to osmosis. At least when I made a set of hardware questions, I tried to include multiple formulations, such as "BCD" or "decimal mode", and only cover things on the wiki.

WhoaMan wrote:

None of the privileges have changed, seems to be a bug with the migration.

It's not that permissions were explicitly taken away as much as that without reauthenticating to the ACP, I could exercise only the powers of a global mod until you fixed it.

WhoaMan wrote:

the maximum attempts problem should be fixed now

Thank you.

Are you having your reverse proxy generate a header such as X-Forwarded-For or X-Real-IP and then feeding that to phpBB as the REMOTE_ADDR?

dougeff wrote:

zzo38 wrote:

I disagree with HTTPS-only

Google insists.

I thought Google Search's cleartext penalty insisted on the site being available through HTTPS with <link rel="canonical"> pointing to an HTTPS page, not that the server force a redirect from HTTP to HTTPS. Or has Google Search begun to use HSTS and HTTP-to-HTTPS redirects as a rank signal as well? (HSTS is an HTTP header telling the browser to rewrite the scheme for all HTTP requests to the same hostname to HTTPS for at least the next month.)

I like NES hardware trivia because it shows that new users know how to read and search our wiki.

"Bullying" someone to explore another resource available from the same domain (namely our wiki) is more tolerable than "bullying" someone to buy a particular publisher's nonfree game (namely SMB).

I agree with you about these things; you should make the question about the hardware and not about any game. In addition to be more tolerable than "bullying" someone to buy a particular publisher's nonfree game, it is also more tolerable then "bullying" someone to look at an external resource (even if that external resource is free); to look only at resources available on the same website for free is better.

Quote:

dougeff wrote:

zzo38 wrote:

I disagree with HTTPS-only

Google insists.

I thought Google Search's cleartext penalty insisted on the site being available through HTTPS with <link rel="canonical"> pointing to an HTTPS page, not that the server force a redirect from HTTP to HTTPS. Or has Google Search begun to use HSTS and HTTP-to-HTTPS redirects as a rank signal as well? (HSTS is an HTTP header telling the browser to rewrite the scheme for all HTTP requests to the same hostname to HTTPS for at least the next month.)

HSTS is terrible and does not improve security or anything else. HTTPS-only also doesn't help. If you do need redirects to HTTPS for Google, well, you can know that Google itself redirects to HTTPS only for certain user-agents, so you can do the same (possibly using the same list). There are things that can be done to improve security:

Implement HPKP ("no-user-recourse" is bad though, but that is a client-side concern and is not a server-side concern).

Set cookies as non-scriptable.

When users login over HTTPS, set the cookies as secure-only.

Allow encrypted private messages (encrypted on the client side if the user agrees to execute the encryption program) to be sent to users who have enabled encrypted private messages in their profile.

Allow users connecting through HTTPS to use their own encryption keys if they wish to do so. (This one is probably the most difficult one to implement.)

I was aware about the captcha for new users which was nes trivia related, it just that I was surprised that it was asking it it all the time. I kind of had a hunch that something went wrong with the migration so I posted my comment to know why it was happening suddenly.

As for bullying, I was just joking about the fact that the question was asked every time and now it was over, thus the smilley to convey that I was not serious about my previous comment.

The "Unable to save thumbnail to destination" messages on the Wiki are server-side and need to be addressed. A good page where this is present is the Emulators - Under development section, which uses {{mbox}} to display a coloured info box and an icon.

I'm willing to bet the path for saving thumbnails on the filesystem changed, or if it didn't, the permissions of who can write there might now be more relevant (I believe the webserver changed to nginx, which means FastCGI + php5-fpm are probably involved, which means nightmares relating to user/group and file/dir permissions when compared to Apache and the ITK mpm). https://www.mediawiki.org/wiki/Topic:Qmkwqlxoor706ddt has some details.

Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot post attachments in this forum